gaogaostone

Results 10 issues of gaogaostone

- [Y ] I have already searched the [issues](https://github.com/didi/KnowStreaming/issues) for related problems, and there are no duplicates. Would you like to claim this bug? ### Env * KnowStreaming version : 3.0.0 * Operating System version : * Java version : This issue is tested on the website...

status: pending

1) When I study the source code of KnowAgent, the file-content route in NormalLogCollectTaskController.java gets my attention. It seems to be a file read function. ![image](https://github.com/didi/KnowAgent/assets/5965134/b4e9879f-4876-4969-a3b9-5d7060b24184) 2) Then I access the...

The coco-annotator project has a default SECRET_KEY, which is used for signing and verifying Flask sessions. If the system administrator does not change the SECRET_KEY when configuring the system, it...

In DDMQ console module through all the versions, a specially crafted request may cause an authentication bypass. Attackers can add “/;login” at the tail of authorization-required URLs to bypass the authentication...

The Disconf of version 2.6.36 has improper permission management, allowing unauthorized users to access sensitive configuration information stored in the configuration center. ### Proof of Concept: **1) Access the /api/config/list...

When accessing the getLocalCoverResult Interface with special request, unauthorized attackers can execute any command on the target system. ### Code Analyzing 1) The function getEnvLocalCoverResult in file CodeCovController.java handles the...

When accessing the triggerUnitCover Interface with special request, unauthorized attackers can execute any command on the target system. Attacker can inject command in the parameter uuid. ### Proof of concept:...

When accessing the triggerEnvCov Interface with special request, unauthorized attackers can execute any command on the target system. Attacker can inject command in the parameter uuid. ### Proof of concept...

White-Jotter v0.2.2 has an authorization bypass vulnerability, allowing unauthorized users to access sensitive system information and even modify critical system data. This vulnerability compromises the confidentiality and integrity of the system....

BRCC v1.2.0 has improper permission management, allowing unauthorized users to create projects arbitrarily. ### Proof of Concept: **Send the following request to add project and it successfully adds the project.**...